New updated EasyApache 4 packages are now available for download from our updates-testing repository.
Changelog
ea-cpanel-tools-1.0-25.cloudlinux
- updated to version 1.0-25
ea-nodejs10-10.17.0-1.cloudlinux
- updated to version 10.17.0
ea-php-cli-1.0.0-9.cloudlinux
- updated to version 1.0.0-9
ea-php71-7.1.33-1.cloudlinux
ea-php71-php-7.1.33-1.cloudlinux
- updated to version 7.1.33
ea-php72-7.2.24-1.cloudlinux
ea-php72-php-7.2.24-1.cloudlinux
- updated to version 7.2.24
ea-php73-7.3.11-1.cloudlinux
ea-php73-php-7.3.11-1.cloudlinux
- updated to version 7.3.11
You can find the full changelog here.
The PHP updates include a fix for CVE-2019-11043, more details in the links below: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11043.
Changelog for Hardened PHP
ea-php52-php-5.2.17-27.cloudlinux.20
- fixed #76342: file_get_contents waits twice specified timeout
- fixed #76859 stream_get_line skips data if used with data-generating filter
ea-php53-php-5.3.29-29.cloudlinux.14
ea-php54-php-5.4.45-64.cloudlinux.3
ea-php55-php-5.5.38-47.cloudlinux.3
- fixed #76342: file_get_contents waits twice specified timeout
- fixed #76859 stream_get_line skips data if used with data-generating filter
- fixed #78579: mb_decode_numericentity: args number inconsistency
- fixed bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)
ea-php56-php-5.6.40-9.cloudlinux.3
- fixed #76342: file_get_contents waits twice specified timeout
- fixed #76859 stream_get_line skips data if used with data-generating filter
- fixed #78413: php-fpm request_terminate_timeout does not take effect after fastcgi_finish_request
- fixed #78579: mb_decode_numericentity: args number inconsistency
- fixed bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)
ea-php70-php-7.0.33-10.cloudlinux.3
- fixed #76342: file_get_contents waits twice specified timeout
- fixed #76859 stream_get_line skips data if used with data-generating filter
- fixed #78413: php-fpm request_terminate_timeout does not take effect after fastcgi_finish_request
- fixed #78535: auto_detect_line_endings value not parsed as bool
- fixed #78579: mb_decode_numericentity: args number inconsistency
- fixed bug #78599 (env_path_info underflow can lead to RCE) (CVE-2019-11043)
- fixed bug #78612
- fixed #78620: Out of memory error
- fixed #78641: addGlob can modify given remove_path value
The PHP updates include a fix for CVE-2019-11043, more details in the links below: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11043.
Update command
yum update ea-* --enablerepo=cl-ea4-testing